Vulnerability CVE-2023-37569
Published: 2023-08-08

Description:
This vulnerability exists in ESDS Emagic Data Center Management Suit due to lack of input sanitization in its Ping component. A remote authenticated attacker could exploit this by injecting OS commands on the targeted system.

Successful exploitation of this vulnerability could allow the attacker to execute arbitrary code on targeted system.

See advisories in our WLB2 database:
Topic
Author
Date
Low
Emagic Data Center Management Suite v6.0 OS Command Injection
Shubham Pandey &...
08.08.2023
High
Emagic Data Center Management Suite 6.0 Remote Command Execution
thewhiteh4t
13.08.2023

Type:

CWE-78

 (Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') )

 References:
https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2023-0226
Copyright 2024, cxsecurity.com

 

Back to Top